DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-23 are presented for examination.
Information Disclosure Statement
The information disclosure statement filed 19 November 2024 fails to comply with 37 CFR 1.98(a)(2), which requires a legible copy of each cited foreign patent document; each non-patent literature publication or that portion which caused it to be listed; and all other information or that portion which caused it to be listed. It has been placed in the application file, but the information referred to therein has not been considered.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-23 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No. 11,936,622. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are anticipated by the ‘622 Patent.
US Application 18/952,512
US Patent 11,936,622
1. A method for providing dynamic network traffic policies across multiple computing environments, comprising:
inspecting a workload deployed in a first computing environment for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk;
detecting the cybersecurity risk on the workload based on the cybersecurity object;
generating a policy for a firewall based on the cybersecurity risk, wherein the firewall is deployed in a second computing environment and provides connectivity between the second computing environment and an external network; and
configuring the firewall to apply the generated policy.
1. A method for providing dynamic network traffic policies, comprising:
inspecting a workload for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk, wherein the workload is deployed in a cloud computing environment having a firewall connected to an external network;
detecting the cybersecurity risk on the workload based on the cybersecurity object;
generating a policy for the firewall based on the cybersecurity risk; and
configuring the firewall to apply the generated policy.
2. The method of claim 1, further comprising: detecting a second cybersecurity object on a second workload deployed in the second computing environment; and detecting that the cybersecurity risk is a toxic combination based on the cybersecurity object and the second cybersecurity object.
2. The method of claim 1, further comprising: detecting a second cybersecurity object on the workload; and detecting that the cybersecurity risk is a toxic combination based on the cybersecurity object and the second cybersecurity object.
3. The method of claim 2, wherein the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and any combination thereof.
3. The method of claim 2, wherein the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and a combination thereof.
4. The method of claim 1, further comprising: determining a severity of the cybersecurity risk based on a detected cybersecurity object; and generating the policy further based on the determined severity.
4. The method of claim 1, further comprising: determining a severity of the cybersecurity risk based on a detected cybersecurity object; and generating the policy based on the determined severity.
6. The method of claim 1, further comprising: generating a representation of the first computing environment and a representation of the second computing environment in a security database; detecting a representation of the cybersecurity risk in the security database, which is connected to a representation of a remediation action; and initiating the remediation action in any one of: the first computing environment, the second computing environment, and a combination thereof.
9. The method of claim 1, further comprising: initiating a mitigation action based on the detected cybersecurity risk.
7. The method of claim 1, further comprising: inspecting the workload for the cybersecurity object at a second time; determining that the cybersecurity object is not detected at the second time; and configuring the firewall to remove the generated policy in response to determining that the cybersecurity object is not detected.
10. The method of claim 9, further comprising: configuring the firewall to remove the policy in response to detecting that the cybersecurity risk is removed from the workload.
9. The method of claim 1, further comprising: detecting an original disk associated with the workload; cloning the original disk into an inspectable disk; and inspecting the inspectable disk for the cybersecurity object.
5. The method of claim 1, further comprising: detecting an original disk associated with the workload; cloning the original disk into an inspectable disk; and inspecting the inspectable disk for the cybersecurity object.
10. The method of claim 1, further comprising: configuring the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
6. The method of claim 1, further comprising: configuring the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
11. The method of claim 1, further comprising: configuring the firewall to block network traffic to the workload, in response to determining that the cybersecurity object is of a first type.
7. The method of claim 1, further comprising: configuring the firewall to block network traffic to the workload, in response to determining that the cybersecurity object is of a first type.
12. A non-transitory computer-readable medium storing a set of instructions for providing dynamic network traffic policies across multiple computing environments, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: inspect a workload deployed in a first computing environment for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detect the cybersecurity risk on the workload based on the cybersecurity object; generate a policy for a firewall based on the cybersecurity risk, wherein the firewall is deployed in a second computing environment and provides connectivity between the second computing environment and an external network; and configure the firewall to apply the generated policy.
21. A non-transitory computer-readable medium storing a set of instructions for providing dynamic network traffic policies, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: inspect a workload for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk, wherein the workload is deployed in a cloud computing environment having a firewall connected to an external network; detect the cybersecurity risk on the workload based on the cybersecurity object; and generate a policy for the firewall based on the cybersecurity risk; and configure the firewall to apply the generated policy.
13. A system for providing dynamic network traffic policies across multiple computing environments comprising: a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: inspect a workload deployed in a first computing environment for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detect the cybersecurity risk on the workload based on the cybersecurity object; generate a policy for a firewall based on the cybersecurity risk, wherein the firewall is deployed in a second computing environment and provides connectivity between the second computing environment and an external network; and configure the firewall to apply the generated policy.
11. A system for providing dynamic network traffic policies comprising: a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: inspect a workload for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk, wherein the workload is deployed in a cloud computing environment having a firewall connected to an external network; detect the cybersecurity risk on the workload based on the cybersecurity object; generate a policy for the firewall based on the cybersecurity risk; and configure the firewall to apply the generated policy.
14. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: detect a second cybersecurity object on a second workload deployed in the second computing environment; and detect that the cybersecurity risk is a toxic combination based on the cybersecurity object and the second cybersecurity object.
12. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: detect a second cybersecurity object on the workload; and detect that the cybersecurity risk is a toxic combination based on the cybersecurity object and the second cybersecurity object.
15. The system of claim 14, wherein the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and any combination thereof.
13. The system of claim 12, wherein the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and a combination thereof.
16. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine a severity of the cybersecurity risk based on a detected cybersecurity object; and generate the policy further based on the determined severity.
14. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine a severity of the cybersecurity risk based on a detected cybersecurity object; and generate the policy based on the determined severity.
18. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: generate a representation of the first computing environment and a representation of the second computing environment in a security database; detect a representation of the cybersecurity risk in the security database, which is connected to a representation of a remediation action; and initiate the remediation action in any one of: the first compute environment, the second computing environment, and a combination thereof.
19. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate a mitigation action based on the detected cybersecurity risk.
19. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: inspect the workload for the cybersecurity object at a second time; determine that the cybersecurity object is not detected at the second time; and configure the firewall to remove the generated policy in response to determining that the cybersecurity object is not detected.
20. The system of claim 19, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to remove the policy in response to detecting that the cybersecurity risk is removed from the workload.
21. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: detect an original disk associated with the workload; clone the original disk into an inspectable disk; and inspect the inspectable disk for the cybersecurity object.
15. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: detect an original disk associated with the workload; clone the original disk into an inspectable disk; and inspect the inspectable disk for the cybersecurity object.
22. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
16. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
23. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to block network traffic to the workload, in response to determining that the cybersecurity object is of a first type.
17. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to block network traffic to the workload, in response to determining that the cybersecurity object is of a first type.
Claims 1-23 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No. 12,177,184. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are anticipated by the ‘184 Patent.
US Application 18/952,512
US Patent 12,177,184
1. A method for providing dynamic network traffic policies across multiple computing environments, comprising: inspecting a workload deployed in a first computing environment for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detecting the cybersecurity risk on the workload based on the cybersecurity object; generating a policy for a firewall based on the cybersecurity risk, wherein the firewall is deployed in a second computing environment and provides connectivity between the second computing environment and an external network; and configuring the firewall to apply the generated policy.
1. A method for providing dynamic network traffic policies, comprising: generating an inspectable disk from an original disk of a workload, the workload deployed in a cloud computing environment, wherein the cloud computing environment has a firewall connected to an untrusted network; inspecting the inspectable disk for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detecting the cybersecurity risk on the workload based on the cybersecurity object; and configuring the firewall to filter network traffic to the workload based on the detected cybersecurity risk.
3. The method of claim 2, wherein the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and any combination thereof.
3. The method of claim 1, further comprising: determining that the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and a combination thereof.
4. The method of claim 1, further comprising: determining a severity of the cybersecurity risk based on a detected cybersecurity object; and generating the policy further based on the determined severity.
2. The method of claim 1, further comprising: determining a severity of the cybersecurity risk based on the detected cybersecurity object; generating a network traffic policy based on the determined severity; and configuring the firewall to apply the generated network traffic policy.
6. The method of claim 1, further comprising: generating a representation of the first computing environment and a representation of the second computing environment in a security database; detecting a representation of the cybersecurity risk in the security database, which is connected to a representation of a remediation action; and initiating the remediation action in any one of: the first computing environment, the second computing environment, and a combination thereof.
6. The method of claim 1, further comprising: initiating a mitigation action based on the detected cybersecurity risk.
7. The method of claim 1, further comprising: inspecting the workload for the cybersecurity object at a second time; determining that the cybersecurity object is not detected at the second time; and configuring the firewall to remove the generated policy in response to determining that the cybersecurity object is not detected.
11. The method of claim 1, further comprising: configuring the firewall to remove the filter in response to detecting that the cybersecurity risk is removed from the workload.
9. The method of claim 1, further comprising: detecting an original disk associated with the workload; cloning the original disk into an inspectable disk; and inspecting the inspectable disk for the cybersecurity object.
4. The method of claim 1, further comprising: cloning the original disk into the inspectable disk.
10. The method of claim 1, further comprising: configuring the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
5. The method of claim 1, further comprising: configuring the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
12. A non-transitory computer-readable medium storing a set of instructions for providing dynamic network traffic policies across multiple computing environments, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: inspect a workload deployed in a first computing environment for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detect the cybersecurity risk on the workload based on the cybersecurity object; generate a policy for a firewall based on the cybersecurity risk, wherein the firewall is deployed in a second computing environment and provides connectivity between the second computing environment and an external network; and configure the firewall to apply the generated policy.
12. A non-transitory computer-readable medium storing a set of instructions for providing dynamic network traffic policies, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: generate an inspectable disk from an original disk of a workload, the workload deployed in a cloud computing environment, wherein the cloud computing environment has a firewall connected to an untrusted network; inspect the inspectable disk for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detect the cybersecurity risk on the workload based on the cybersecurity object; and configure the firewall to filter network traffic to the workload based on the detected cybersecurity risk.
13. A system for providing dynamic network traffic policies across multiple computing environments comprising: a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: inspect a workload deployed in a first computing environment for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detect the cybersecurity risk on the workload based on the cybersecurity object; generate a policy for a firewall based on the cybersecurity risk, wherein the firewall is deployed in a second computing environment and provides connectivity between the second computing environment and an external network; and configure the firewall to apply the generated policy.
13. A system for providing dynamic network traffic policies comprising: a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: generate an inspectable disk from an original disk of a workload, the workload deployed in a cloud computing environment, wherein the cloud computing environment has a firewall connected to an untrusted network; inspect the inspectable disk for a cybersecurity object, the cybersecurity object indicating a cybersecurity risk; detect the cybersecurity risk on the workload based on the cybersecurity object; and configure the firewall to filter network traffic to the workload based on the detected cybersecurity risk.
15. The system of claim 14, wherein the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and any combination thereof.
15. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine that the cybersecurity risk is any one of: a misconfiguration, a vulnerability, an exposure, an attack path, a reachability path, and a combination thereof.
16. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine a severity of the cybersecurity risk based on a detected cybersecurity object; and generate the policy further based on the determined severity.
14. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine a severity of the cybersecurity risk based on the detected cybersecurity object; generate a network traffic policy based on the determined severity; and configure the firewall to apply the generated network traffic policy.
18. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: generate a representation of the first computing environment and a representation of the second computing environment in a security database; detect a representation of the cybersecurity risk in the security database, which is connected to a representation of a remediation action; and initiate the remediation action in any one of: the first compute environment, the second computing environment, and a combination thereof.
18. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate a mitigation action based on the detected cybersecurity risk.
19. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: inspect the workload for the cybersecurity object at a second time; determine that the cybersecurity object is not detected at the second time; and configure the firewall to remove the generated policy in response to determining that the cybersecurity object is not detected.
23. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to remove the filter in response to detecting that the cybersecurity risk is removed from the workload.
21. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: detect an original disk associated with the workload; clone the original disk into an inspectable disk; and inspect the inspectable disk for the cybersecurity object.
16. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: clone the original disk into the inspectable disk.
22. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
17. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: configure the firewall to block network traffic to the workload, in response to determining that the cybersecurity risk is of a first type.
Prior Art Made of Record
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Harel (US Patent 12,549,589 B1) discloses a system and method for detection engine having risk-based severity alerts.
Heller et al. (US 2023/0221983 A1) discloses a system and method for techniques for providing third party trust to a cloud computing environment.
Lian et al. (US Patent 9,380,027 B1) discloses a system and method for conditional declarative policies.
Lidgi et al. (EP 4593329 A1) discloses a system and method for application endpoint cybersecurity techniques.
Luttwak et al. (US 2025/0168193 A1) discloses a system and method for providing security posture management for AI applications.
Parla et al. (WO 2025/029679 A1) discloses a system and method for dynamic placement of compensating controls on DPU and EBPF based on workload, trust, and threat scoring.
Reznik et al. (US 2025/0131102 A1) discloses a system and method for providing third party compliance to computer and software environments.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARAH SU whose telephone number is (571)270-3835. The examiner can normally be reached 6:30 AM - 3:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SARAH SU/Primary Examiner, Art Unit 2431